D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the configuration of the ONVIF API. The issue results from the use of a hardcoded PIN. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-21492.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Nov 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dlink
Dlink dcs-8300lhv2 Dlink dcs-8300lhv2 Firmware |
|
Weaknesses | CWE-798 | |
CPEs | cpe:2.3:h:dlink:dcs-8300lhv2:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dcs-8300lhv2_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Dlink
Dlink dcs-8300lhv2 Dlink dcs-8300lhv2 Firmware |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: zdi
Published: 2024-05-03T02:15:49.785Z
Updated: 2024-08-02T22:40:34.165Z
Reserved: 2023-12-20T21:52:34.962Z
Link: CVE-2023-51629
Vulnrichment
Updated: 2024-08-02T22:40:34.165Z
NVD
Status : Analyzed
Published: 2024-05-03T03:16:26.273
Modified: 2024-11-25T14:39:27.587
Link: CVE-2023-51629
Redhat
No data.